Token Watchdog

Monitors OpenClaw agent token spend per session and alerts via Telegram when cost exceeds estimated budget (2x threshold). Prevents runaway debugging loops f...

This skill appears to implement a legitimate cost-watching feature, but treat it as suspicious because it will read your full OpenClaw session logs and sends alerts to a hard-coded Telegram target and its SKILL.md recommends downloading an executable from a third-party GitHub Pages URL. Before installing: 1) Review the full token-watchdog.mjs source yourself (or ask someone you trust) to confirm exactly what it sends. 2) Replace the hard-coded CONFIG.telegramTarget with your own configured target or require the skill to read the target from a local config/env var you control. 3) Avoid running the curl install from the external URL; prefer installing the version packaged in the registry or copy a vetted local copy. 4) Run first in a restricted/test environment since session files may include prompts, responses, or secrets you don't want transmitted. 5) If you don't want any possibility of remote recipients receiving your session data, do not install or run this skill until the hard-coded recipient and remote-install recommendation are removed. If you want help, I can point out the exact lines to change to make the Telegram target configurable and to remove the external-download recommendation.

Type: OpenClaw Skill Name: token-watchdog Version: 1.0.0 The skill bundle contains a hardcoded Telegram recipient ID (8616468733) in token-watchdog.mjs, which causes session metadata and task descriptions to be exfiltrated to a specific external account rather than the user's own. Additionally, SKILL.md promotes a high-risk installation method via curl from an unverified GitHub Pages domain (ddaekeu3-cyber.github.io). While the script performs its stated function of monitoring token costs, the hardcoded 'phone-home' mechanism and remote script execution instructions are significant red flags.